<!DOCTYPE HTML>
<html lang="en" >
    
    <head>
        
        <meta charset="UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
        <title>权限 | 课程介绍</title>
        <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
        <meta name="description" content="">
        <meta name="generator" content="GitBook 2.6.7">
        
        
        <meta name="HandheldFriendly" content="true"/>
        <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
        <meta name="apple-mobile-web-app-capable" content="yes">
        <meta name="apple-mobile-web-app-status-bar-style" content="black">
        <link rel="apple-touch-icon-precomposed" sizes="152x152" href="../gitbook/images/apple-touch-icon-precomposed-152.png">
        <link rel="shortcut icon" href="../gitbook/images/favicon.ico" type="image/x-icon">
        
    <link rel="stylesheet" href="../gitbook/style.css">
    
        
        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-highlight/website.css">
        
    
        
        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-search/search.css">
        
    
        
        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-fontsettings/website.css">
        
    
    

        
    
    
    <link rel="next" href="../C05-Components/Throttling.html" />
    
    
    <link rel="prev" href="../C05-Components/Authentication.html" />
    

        
    </head>
    <body>
        
        
    <div class="book"
        data-level="5.2"
        data-chapter-title="权限"
        data-filepath="C05-Components/Permissions.md"
        data-basepath=".."
        data-revision="Mon Jul 23 2018 07:35:48 GMT+0800 (CST)"
        data-innerlanguage="">
    

<div class="book-summary">
    <nav role="navigation">
        <ul class="summary">
            
            
            
            

            

            
    
        <li class="chapter " data-level="0" data-path="index.html">
            
                
                    <a href="../index.html">
                
                        <i class="fa fa-check"></i>
                        
                        课程介绍
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="1" data-path="C01-IntroduceToDRF/index.html">
            
                
                    <a href="../C01-IntroduceToDRF/index.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>1.</b>
                        
                        引入DjangoRESTframework
                    </a>
            
            
            <ul class="articles">
                
    
        <li class="chapter " data-level="1.1" data-path="C01-IntroduceToDRF/SeparatedFrontendAndBackend.html">
            
                
                    <a href="../C01-IntroduceToDRF/SeparatedFrontendAndBackend.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>1.1.</b>
                        
                        Web应用模式
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="1.2" data-path="C01-IntroduceToDRF/IntroduceToREST.html">
            
                
                    <a href="../C01-IntroduceToDRF/IntroduceToREST.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>1.2.</b>
                        
                        认识RESTful
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="1.3" data-path="C01-IntroduceToDRF/HowToDesignREST.html">
            
                
                    <a href="../C01-IntroduceToDRF/HowToDesignREST.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>1.3.</b>
                        
                        RESTful设计方法
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="1.4" data-path="C01-IntroduceToDRF/DevelopRESTAPIWithDjango.html">
            
                
                    <a href="../C01-IntroduceToDRF/DevelopRESTAPIWithDjango.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>1.4.</b>
                        
                        使用Django开发REST接口
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="1.5" data-path="C01-IntroduceToDRF/CoreTaskToDevelopRESTAPI.html">
            
                
                    <a href="../C01-IntroduceToDRF/CoreTaskToDevelopRESTAPI.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>1.5.</b>
                        
                        明确REST接口开发的核心任务
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="1.6" data-path="C01-IntroduceToDRF/AboutDRF.html">
            
                
                    <a href="../C01-IntroduceToDRF/AboutDRF.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>1.6.</b>
                        
                        DjangoRESTframework简介
                    </a>
            
            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="2" data-path="C02-DRFProject/index.html">
            
                
                    <a href="../C02-DRFProject/index.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>2.</b>
                        
                        DRF工程搭建
                    </a>
            
            
            <ul class="articles">
                
    
        <li class="chapter " data-level="2.1" data-path="C02-DRFProject/InstallAndConfig.html">
            
                
                    <a href="../C02-DRFProject/InstallAndConfig.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>2.1.</b>
                        
                        环境安装与配置
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="2.2" data-path="C02-DRFProject/TheFirstDRFProgram.html">
            
                
                    <a href="../C02-DRFProject/TheFirstDRFProgram.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>2.2.</b>
                        
                        见识DRF的魅力
                    </a>
            
            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="3" data-path="C03-Serializer/index.html">
            
                
                    <a href="../C03-Serializer/index.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>3.</b>
                        
                        Serializer序列化器
                    </a>
            
            
            <ul class="articles">
                
    
        <li class="chapter " data-level="3.1" data-path="C03-Serializer/Declaring.html">
            
                
                    <a href="../C03-Serializer/Declaring.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>3.1.</b>
                        
                        定义Serializer
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="3.2" data-path="C03-Serializer/Serializing.html">
            
                
                    <a href="../C03-Serializer/Serializing.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>3.2.</b>
                        
                        序列化使用
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="3.3" data-path="C03-Serializer/Deserializing.html">
            
                
                    <a href="../C03-Serializer/Deserializing.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>3.3.</b>
                        
                        反序列化使用
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="3.4" data-path="C03-Serializer/ModelSerializer.html">
            
                
                    <a href="../C03-Serializer/ModelSerializer.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>3.4.</b>
                        
                        模型类序列化器ModelSerializer
                    </a>
            
            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="4" data-path="C04-View/index.html">
            
                
                    <a href="../C04-View/index.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>4.</b>
                        
                        视图
                    </a>
            
            
            <ul class="articles">
                
    
        <li class="chapter " data-level="4.1" data-path="C04-View/RequestAndResponse.html">
            
                
                    <a href="../C04-View/RequestAndResponse.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>4.1.</b>
                        
                        Request与Response
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="4.2" data-path="C04-View/View.html">
            
                
                    <a href="../C04-View/View.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>4.2.</b>
                        
                        视图概览
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="4.3" data-path="C04-View/ViewIntroduction.html">
            
                
                    <a href="../C04-View/ViewIntroduction.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>4.3.</b>
                        
                        视图说明
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="4.4" data-path="C04-View/ViewSet.html">
            
                
                    <a href="../C04-View/ViewSet.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>4.4.</b>
                        
                        视图集ViewSet
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="4.5" data-path="C04-View/Routers.html">
            
                
                    <a href="../C04-View/Routers.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>4.5.</b>
                        
                        路由Router
                    </a>
            
            
        </li>
    

            </ul>
            
        </li>
    
        <li class="chapter " data-level="5" data-path="C05-Components/index.html">
            
                
                    <a href="../C05-Components/index.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.</b>
                        
                        其他功能
                    </a>
            
            
            <ul class="articles">
                
    
        <li class="chapter " data-level="5.1" data-path="C05-Components/Authentication.html">
            
                
                    <a href="../C05-Components/Authentication.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.1.</b>
                        
                        认证
                    </a>
            
            
        </li>
    
        <li class="chapter active" data-level="5.2" data-path="C05-Components/Permissions.html">
            
                
                    <a href="../C05-Components/Permissions.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.2.</b>
                        
                        权限
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="5.3" data-path="C05-Components/Throttling.html">
            
                
                    <a href="../C05-Components/Throttling.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.3.</b>
                        
                        限流
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="5.4" data-path="C05-Components/Filtering.html">
            
                
                    <a href="../C05-Components/Filtering.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.4.</b>
                        
                        过滤
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="5.5" data-path="C05-Components/Ordering.html">
            
                
                    <a href="../C05-Components/Ordering.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.5.</b>
                        
                        排序
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="5.6" data-path="C05-Components/Pagination.html">
            
                
                    <a href="../C05-Components/Pagination.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.6.</b>
                        
                        分页
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="5.7" data-path="C05-Components/Versioning.html">
            
                
                    <a href="../C05-Components/Versioning.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.7.</b>
                        
                        版本
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="5.8" data-path="C05-Components/Exceptions.html">
            
                
                    <a href="../C05-Components/Exceptions.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.8.</b>
                        
                        异常处理
                    </a>
            
            
        </li>
    
        <li class="chapter " data-level="5.9" data-path="C05-Components/Documents.html">
            
                
                    <a href="../C05-Components/Documents.html">
                
                        <i class="fa fa-check"></i>
                        
                            <b>5.9.</b>
                        
                        自动生成接口文档
                    </a>
            
            
        </li>
    

            </ul>
            
        </li>
    


            
            <li class="divider"></li>
            <li>
                <a href="https://www.gitbook.com" target="blank" class="gitbook-link">
                    Published with GitBook
                </a>
            </li>
            
        </ul>
    </nav>
</div>

    <div class="book-body">
        <div class="body-inner">
            <div class="book-header" role="navigation">
    <!-- Actions Left -->
    

    <!-- Title -->
    <h1>
        <i class="fa fa-circle-o-notch fa-spin"></i>
        <a href="../" >课程介绍</a>
    </h1>
</div>

            <div class="page-wrapper" tabindex="-1" role="main">
                <div class="page-inner">
                
                
                    <section class="normal" id="section-">
                    
                        <h1 id="&#x6743;&#x9650;permissions">&#x6743;&#x9650;Permissions</h1>
<p>&#x6743;&#x9650;&#x63A7;&#x5236;&#x53EF;&#x4EE5;&#x9650;&#x5236;&#x7528;&#x6237;&#x5BF9;&#x4E8E;&#x89C6;&#x56FE;&#x7684;&#x8BBF;&#x95EE;&#x548C;&#x5BF9;&#x4E8E;&#x5177;&#x4F53;&#x6570;&#x636E;&#x5BF9;&#x8C61;&#x7684;&#x8BBF;&#x95EE;&#x3002;</p>
<ul>
<li>&#x5728;&#x6267;&#x884C;&#x89C6;&#x56FE;&#x7684;dispatch()&#x65B9;&#x6CD5;&#x524D;&#xFF0C;&#x4F1A;&#x5148;&#x8FDB;&#x884C;&#x89C6;&#x56FE;&#x8BBF;&#x95EE;&#x6743;&#x9650;&#x7684;&#x5224;&#x65AD;</li>
<li>&#x5728;&#x901A;&#x8FC7;get_object()&#x83B7;&#x53D6;&#x5177;&#x4F53;&#x5BF9;&#x8C61;&#x65F6;&#xFF0C;&#x4F1A;&#x8FDB;&#x884C;&#x5BF9;&#x8C61;&#x8BBF;&#x95EE;&#x6743;&#x9650;&#x7684;&#x5224;&#x65AD;</li>
</ul>
<h3 id="&#x4F7F;&#x7528;">&#x4F7F;&#x7528;</h3>
<p>&#x53EF;&#x4EE5;&#x5728;&#x914D;&#x7F6E;&#x6587;&#x4EF6;&#x4E2D;&#x8BBE;&#x7F6E;&#x9ED8;&#x8BA4;&#x7684;&#x6743;&#x9650;&#x7BA1;&#x7406;&#x7C7B;&#xFF0C;&#x5982;</p>
<pre><code class="lang-python">REST_FRAMEWORK = {
    <span class="hljs-string">&apos;DEFAULT_PERMISSION_CLASSES&apos;</span>: (
        <span class="hljs-string">&apos;rest_framework.permissions.IsAuthenticated&apos;</span>,
    )
}
</code></pre>
<p>&#x5982;&#x679C;&#x672A;&#x6307;&#x660E;&#xFF0C;&#x5219;&#x91C7;&#x7528;&#x5982;&#x4E0B;&#x9ED8;&#x8BA4;&#x914D;&#x7F6E;</p>
<pre><code class="lang-python"><span class="hljs-string">&apos;DEFAULT_PERMISSION_CLASSES&apos;</span>: (
   <span class="hljs-string">&apos;rest_framework.permissions.AllowAny&apos;</span>,
)
</code></pre>
<p>&#x4E5F;&#x53EF;&#x4EE5;&#x5728;&#x5177;&#x4F53;&#x7684;&#x89C6;&#x56FE;&#x4E2D;&#x901A;&#x8FC7;permission_classes&#x5C5E;&#x6027;&#x6765;&#x8BBE;&#x7F6E;&#xFF0C;&#x5982;</p>
<pre><code class="lang-python"><span class="hljs-keyword">from</span> rest_framework.permissions <span class="hljs-keyword">import</span> IsAuthenticated
<span class="hljs-keyword">from</span> rest_framework.views <span class="hljs-keyword">import</span> APIView

<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">ExampleView</span><span class="hljs-params">(APIView)</span>:</span>
    permission_classes = (IsAuthenticated,)
    ...
</code></pre>
<h3 id="&#x63D0;&#x4F9B;&#x7684;&#x6743;&#x9650;">&#x63D0;&#x4F9B;&#x7684;&#x6743;&#x9650;</h3>
<ul>
<li>AllowAny   &#x5141;&#x8BB8;&#x6240;&#x6709;&#x7528;&#x6237;</li>
<li>IsAuthenticated   &#x4EC5;&#x901A;&#x8FC7;&#x8BA4;&#x8BC1;&#x7684;&#x7528;&#x6237;</li>
<li>IsAdminUser   &#x4EC5;&#x7BA1;&#x7406;&#x5458;&#x7528;&#x6237;</li>
<li>IsAuthenticatedOrReadOnly   &#x8BA4;&#x8BC1;&#x7684;&#x7528;&#x6237;&#x53EF;&#x4EE5;&#x5B8C;&#x5168;&#x64CD;&#x4F5C;&#xFF0C;&#x5426;&#x5219;&#x53EA;&#x80FD;get&#x8BFB;&#x53D6;</li>
</ul>
<h3 id="&#x4E3E;&#x4F8B;">&#x4E3E;&#x4F8B;</h3>
<pre><code class="lang-python"><span class="hljs-keyword">from</span> rest_framework.authentication <span class="hljs-keyword">import</span> SessionAuthentication
<span class="hljs-keyword">from</span> rest_framework.permissions <span class="hljs-keyword">import</span> IsAuthenticated
<span class="hljs-keyword">from</span> rest_framework.generics <span class="hljs-keyword">import</span> RetrieveAPIView

<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">BookDetailView</span><span class="hljs-params">(RetrieveAPIView)</span>:</span>
    queryset = BookInfo.objects.all()
    serializer_class = BookInfoSerializer
    authentication_classes = [SessionAuthentication]
    permission_classes = [IsAuthenticated]
</code></pre>
<h3 id="&#x81EA;&#x5B9A;&#x4E49;&#x6743;&#x9650;">&#x81EA;&#x5B9A;&#x4E49;&#x6743;&#x9650;</h3>
<p>&#x5982;&#x9700;&#x81EA;&#x5B9A;&#x4E49;&#x6743;&#x9650;&#xFF0C;&#x9700;&#x7EE7;&#x627F;rest_framework.permissions.BasePermission&#x7236;&#x7C7B;&#xFF0C;&#x5E76;&#x5B9E;&#x73B0;&#x4EE5;&#x4E0B;&#x4E24;&#x4E2A;&#x4EFB;&#x4F55;&#x4E00;&#x4E2A;&#x65B9;&#x6CD5;&#x6216;&#x5168;&#x90E8;</p>
<ul>
<li><p><code>.has_permission(self, request, view)</code> </p>
<p>  &#x662F;&#x5426;&#x53EF;&#x4EE5;&#x8BBF;&#x95EE;&#x89C6;&#x56FE;&#xFF0C; view&#x8868;&#x793A;&#x5F53;&#x524D;&#x89C6;&#x56FE;&#x5BF9;&#x8C61;</p>
</li>
<li><p><code>.has_object_permission(self, request, view, obj)</code></p>
<p>  &#x662F;&#x5426;&#x53EF;&#x4EE5;&#x8BBF;&#x95EE;&#x6570;&#x636E;&#x5BF9;&#x8C61;&#xFF0C; view&#x8868;&#x793A;&#x5F53;&#x524D;&#x89C6;&#x56FE;&#xFF0C; obj&#x4E3A;&#x6570;&#x636E;&#x5BF9;&#x8C61;</p>
</li>
</ul>
<p>&#x4F8B;&#x5982;&#xFF1A;</p>
<pre><code class="lang-python"><span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">MyPermission</span><span class="hljs-params">(BasePermission)</span>:</span>
    <span class="hljs-function"><span class="hljs-keyword">def</span> <span class="hljs-title">has_object_permission</span><span class="hljs-params">(self, request, view, obj)</span>:</span>
        <span class="hljs-string">&quot;&quot;&quot;&#x63A7;&#x5236;&#x5BF9;obj&#x5BF9;&#x8C61;&#x7684;&#x8BBF;&#x95EE;&#x6743;&#x9650;&#xFF0C;&#x6B64;&#x6848;&#x4F8B;&#x51B3;&#x7EDD;&#x6240;&#x6709;&#x5BF9;&#x5BF9;&#x8C61;&#x7684;&#x8BBF;&#x95EE;&quot;&quot;&quot;</span>
        <span class="hljs-keyword">return</span> <span class="hljs-keyword">False</span>

<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">BookInfoViewSet</span><span class="hljs-params">(ModelViewSet)</span>:</span>
    queryset = BookInfo.objects.all()
    serializer_class = BookInfoSerializer
    permission_classes = [IsAuthenticated, MyPermission]
</code></pre>

                    
                    </section>
                
                
                </div>
            </div>
        </div>

        
        <a href="../C05-Components/Authentication.html" class="navigation navigation-prev " aria-label="Previous page: 认证"><i class="fa fa-angle-left"></i></a>
        
        
        <a href="../C05-Components/Throttling.html" class="navigation navigation-next " aria-label="Next page: 限流"><i class="fa fa-angle-right"></i></a>
        
    </div>
</div>

        
<script src="../gitbook/app.js"></script>

    
    <script src="../gitbook/plugins/gitbook-plugin-search/lunr.min.js"></script>
    

    
    <script src="../gitbook/plugins/gitbook-plugin-search/search.js"></script>
    

    
    <script src="../gitbook/plugins/gitbook-plugin-sharing/buttons.js"></script>
    

    
    <script src="../gitbook/plugins/gitbook-plugin-fontsettings/buttons.js"></script>
    

    
    <script src="../gitbook/plugins/gitbook-plugin-livereload/plugin.js"></script>
    

<script>
require(["gitbook"], function(gitbook) {
    var config = {"highlight":{},"search":{"maxIndexSize":1000000},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"fontsettings":{"theme":"white","family":"sans","size":2},"livereload":{}};
    gitbook.start(config);
});
</script>

        
    </body>
    
</html>
